seeking advise: runit-init and 'protected: yes'

Lorenzo plorenzo at disroot.org
Sun Mar 16 23:19:33 GMT 2025 

Dear Matthew, dear All,

[finit maintainer in CC as this is relevant for finit-sysv too]

As sysvinit-core and systemd-sysv already did, I would like to add
protected:yes to runit-init.
By looking at #940965 and #872587 this looks correct.
However runit was already involved in an escalation with a related issue
that ended with a TC ruling (see #923450) and Michael says that init
metapackage becomes moot and they are going to drop it(?)
I'm not sure how to apply the TC ruling in the new context where
each init-package gets 'protected: yes'. [1]

Strictly speaking I'm not doing anything that involves the init
metapackage, so it should be fine. Looking more at the the explanation
behind #923450 , it seems to me that the main point was to make it hard
to install runit-init in order to protect users, and adding 'protected
: yes' to my package does not make it easier to install it, it only
makes it harder to remove it after it's already been installed
(hopefully preventing unwanted init switches), and that looks fine too.

Do people in this list see it differently?

Matthew, as member of the Ctte, could you advise here?
Should I drop a mail at debian-ctte list and give some time to
people there to comment or object to the change?

Best Regards,
Lorenzo

[1]
for example

"Yes, we agree that the maintainers of the init-system-helpers package
(which builds the init binary) have a gatekeeper role for making init
systems as straightforward to install to /sbin/init as e.g. sysvinit
is."

[this seems to imply that installing runit-init should be harder than
 sysvinit-core or systemd-sysv, but it's practically no longer the
 case]


"Another way to use an init system that is not a pre-dependency of init
is to override the Important flag and remove init. I think we have a
consensus that we consider this to be a feature, not a bug: it provides
an indication that this particular non-default init system is unlikely
to be suitable for people who do not know for sure that they want it."

[the 'important' flag becomes 'protected: yes' here and all init
 packages are getting it ... ]

More information about the Debian-init-diversity mailing list